<!DOCTYPE html>


<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    
    <title>ePass Module &mdash; vsmartcard 2017-01-16 documentation</title>
    
    <link rel="stylesheet" href="../../_static/basic.css" type="text/css" />
    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
    <link rel="stylesheet" href="../../_static/bootswatch-3.3.4/flatly/bootstrap.min.css" type="text/css" />
    <link rel="stylesheet" href="../../_static/bootstrap-sphinx.css" type="text/css" />
    
    <script type="text/javascript">
      var DOCUMENTATION_OPTIONS = {
        URL_ROOT:    '../../',
        VERSION:     '2017-01-16',
        COLLAPSE_INDEX: false,
        FILE_SUFFIX: '.html',
        HAS_SOURCE:  true
      };
    </script>
    <script type="text/javascript" src="../../_static/jquery.js"></script>
    <script type="text/javascript" src="../../_static/underscore.js"></script>
    <script type="text/javascript" src="../../_static/doctools.js"></script>
    <script type="text/javascript" src="../../_static/js/jquery-1.11.0.min.js"></script>
    <script type="text/javascript" src="../../_static/js/jquery-fix.js"></script>
    <script type="text/javascript" src="../../_static/bootstrap-3.3.4/js/bootstrap.min.js"></script>
    <script type="text/javascript" src="../../_static/bootstrap-sphinx.js"></script>
    <link rel="shortcut icon" href="../../_static/chip.ico"/>
    <link rel="top" title="vsmartcard 2017-01-16 documentation" href="../../index.html" />
    <link rel="up" title="cards Package" href="virtualsmartcard.cards.html" />
    <link rel="next" title="nPA Module" href="virtualsmartcard.cards.nPA.html" />
    <link rel="prev" title="cryptoflex Module" href="virtualsmartcard.cards.cryptoflex.html" />
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
<meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
<meta name="apple-mobile-web-app-capable" content="yes">

  </head>
  <body>
  
  <a href="https://github.com/frankmorgner/vsmartcard"
     class="visible-desktop hidden-xs"><img
    id="gh-banner"
    style="position: absolute; top: 50px; right: 0; border: 0;"
    src="https://s3.amazonaws.com/github/ribbons/forkme_right_white_ffffff.png"
    alt="Fork me on GitHub"></a>
  <script>
    // Adjust banner height.
    $(function () {
      var navHeight = $(".navbar .container").css("height");
      $("#gh-banner").css("top", navHeight);
    });
  </script>


  <div id="navbar" class="navbar navbar-default ">
    <div class="container">
      <div class="navbar-header">
        <!-- .btn-navbar is used as the toggle for collapsed navbar content -->
        <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
          <span class="icon-bar"></span>
          <span class="icon-bar"></span>
          <span class="icon-bar"></span>
        </button>
        <a class="navbar-brand" href="../../index.html">
          vsmartcard</a>
        <span class="navbar-text navbar-version pull-left"><b></b></span>
      </div>

        <div class="collapse navbar-collapse nav-collapse">
          <ul class="nav navbar-nav">
            
            
              <li class="dropdown globaltoc-container">
  <a role="button"
     id="dLabelGlobalToc"
     data-toggle="dropdown"
     data-target="#"
     href="../../index.html">Site <b class="caret"></b></a>
  <ul class="dropdown-menu globaltoc"
      role="menu"
      aria-labelledby="dLabelGlobalToc"><ul>
<li class="toctree-l1"><a class="reference internal" href="../README.html">Virtual Smart Card</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../remote-reader/README.html">Remote Smart Card Reader</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../ACardEmulator/README.html">Android Smart Card Emulator</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../TCardEmulator/README.html">Tizen Smart Card Emulator</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../pcsc-relay/README.html">PC/SC Relay</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../ccid/README.html">USB CCID Emulator</a></li>
</ul>
<ul class="current">
<li class="toctree-l1 current"><a class="reference internal" href="../api.html">Creating a Virtual Smart Card</a></li>
</ul>
</ul>
</li>
              
                <li class="dropdown">
  <a role="button"
     id="dLabelLocalToc"
     data-toggle="dropdown"
     data-target="#"
     href="#">Page <b class="caret"></b></a>
  <ul class="dropdown-menu localtoc"
      role="menu"
      aria-labelledby="dLabelLocalToc"><ul>
<li><a class="reference internal" href="#">ePass Module</a></li>
</ul>
</ul>
</li>
              
            
            
              
                
  <li>
    <a href="virtualsmartcard.cards.cryptoflex.html" title="Previous Chapter: cryptoflex Module"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">&laquo; cryptoflex Modul...</span>
    </a>
  </li>
  <li>
    <a href="virtualsmartcard.cards.nPA.html" title="Next Chapter: nPA Module"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">nPA Module &raquo;</span>
    </a>
  </li>
              
            
            
            
            
              <li class="hidden-sm"></li>
            
          </ul>

          
            
<form class="navbar-form navbar-right" action="../../search.html" method="get">
 <div class="form-group">
  <input type="text" name="q" class="form-control" placeholder="Search" />
 </div>
  <input type="hidden" name="check_keywords" value="yes" />
  <input type="hidden" name="area" value="default" />
</form>
          
        </div>
    </div>
  </div>

<div class="container">
  <div class="row">
    <div class="col-md-12 content">
      
  <div class="section" id="epass-module">
<h1>ePass Module<a class="headerlink" href="#epass-module" title="Permalink to this headline">¶</a></h1>
<p class="graphviz">
<img src="../../_images/inheritance-4ccf04ec0e92318a21cb6d3d419a82fcf6101d07.png" alt="Inheritance diagram of virtualsmartcard.cards.ePass" usemap="#inheritancef880455e0d" class="inheritance"/>
<map id="inheritancef880455e0d" name="inheritancef880455e0d">
<area shape="rect" id="node1" href="virtualsmartcard.SEutils.html#virtualsmartcard.SEutils.Security_Environment" title="virtualsmartcard.SEutils.Security_Environment" alt="" coords="5,55,324,80"/>
<area shape="rect" id="node4" href="#virtualsmartcard.cards.ePass.ePass_SE" title="This class implements the Security Environment of the ICAO Passports. It" alt="" coords="383,55,655,80"/>
<area shape="rect" id="node2" href="virtualsmartcard.SmartcardSAM.html#virtualsmartcard.SmartcardSAM.SAM" title="This class is used to store the data needed by the SAM." alt="" coords="36,5,293,31"/>
<area shape="rect" id="node3" href="#virtualsmartcard.cards.ePass.PassportSAM" title="SAM for ICAO ePassport. Implements Basic access control and key derivation" alt="" coords="372,5,667,31"/>
</map>
</p>
<span class="target" id="module-virtualsmartcard.cards.ePass"></span><dl class="class">
<dt id="virtualsmartcard.cards.ePass.PassportSAM">
<em class="property">class </em><tt class="descclassname">virtualsmartcard.cards.ePass.</tt><tt class="descname">PassportSAM</tt><big>(</big><em>mf</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM" title="Permalink to this definition">¶</a></dt>
<dd><p>Bases: <a class="reference internal" href="virtualsmartcard.SmartcardSAM.html#virtualsmartcard.SmartcardSAM.SAM" title="virtualsmartcard.SmartcardSAM.SAM"><tt class="xref py py-class docutils literal"><span class="pre">virtualsmartcard.SmartcardSAM.SAM</span></tt></a></p>
<p>SAM for ICAO ePassport. Implements Basic access control and key derivation
for Secure Messaging.</p>
<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.FSdecrypt">
<tt class="descname">FSdecrypt</tt><big>(</big><em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.FSdecrypt" title="Permalink to this definition">¶</a></dt>
<dd><p>Decrypt the given data, using the parameters stored in the SAM.
Right now we do not encrypt the data. In memory encryption might or
might not be added in a future version.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.FSencrypt">
<tt class="descname">FSencrypt</tt><big>(</big><em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.FSencrypt" title="Permalink to this definition">¶</a></dt>
<dd><p>Encrypt the given data, using the parameters stored in the SAM.
Right now we do not encrypt the data. In memory encryption might or
might not be added in a future version.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM._PassportSAM__computeKeys">
<tt class="descname">_PassportSAM__computeKeys</tt><big>(</big><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM._PassportSAM__computeKeys" title="Permalink to this definition">¶</a></dt>
<dd><p>Computes the keys depending on the machine readable
zone of the passport according to TR-PKI mrtds ICC read-only
access v1.1 annex E.1.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM._get_referenced_key">
<tt class="descname">_get_referenced_key</tt><big>(</big><em>p1</em>, <em>p2</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM._get_referenced_key" title="Permalink to this definition">¶</a></dt>
<dd><p>This method returns the key specified by the p2 parameter. The key may
be stored on the cards filesystem.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple">
<li><strong>p1</strong> &#8211; Specifies the algorithm to use.</li>
<li><strong>p2</strong> &#8211; <p>Specifies a reference to the key to be used for encryption.</p>
<table border="1" class="docutils">
<colgroup>
<col width="3%" />
<col width="3%" />
<col width="3%" />
<col width="3%" />
<col width="3%" />
<col width="3%" />
<col width="3%" />
<col width="3%" />
<col width="73%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">b8</th>
<th class="head">b7</th>
<th class="head">b6</th>
<th class="head">b5</th>
<th class="head">b4</th>
<th class="head">b3</th>
<th class="head">b2</th>
<th class="head">b1</th>
<th class="head">Meaning</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td>0</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>No information is given</td>
</tr>
<tr class="row-odd"><td>0</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td>Global reference data(e.g. MF specific key)</td>
</tr>
<tr class="row-even"><td>1</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td>Specific reference data(e.g. DF specific
key)</td>
</tr>
<tr class="row-odd"><td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td><ul class="first last">
<li></li>
</ul>
</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>Number of the secret</td>
</tr>
</tbody>
</table>
<p>Any other value RFU</p>
</li>
</ul>
</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.change_reference_data">
<tt class="descname">change_reference_data</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.change_reference_data" title="Permalink to this definition">¶</a></dt>
<dd><p>Change the specified referenced data (e.g. CHV) of the card</p>
</dd></dl>

<dl class="staticmethod">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.derive_key">
<em class="property">static </em><tt class="descname">derive_key</tt><big>(</big><em>seed</em>, <em>c</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.derive_key" title="Permalink to this definition">¶</a></dt>
<dd><p>Derive a key according to TR-PKI mrtds ICC read-only access v1.1
annex E.1.
c is either 1 for encryption or 2 for MAC computation.
Returns: Ka + Kb
Note: Does not adjust parity. Nobody uses that anyway ...</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.erase_SE">
<tt class="descname">erase_SE</tt><big>(</big><em>SEID</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.erase_SE" title="Permalink to this definition">¶</a></dt>
<dd><p>Erases a Security Environment stored under SEID from the SAM</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.external_authenticate">
<tt class="descname">external_authenticate</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>resp_data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.external_authenticate" title="Permalink to this definition">¶</a></dt>
<dd><p>Performs the basic access control protocol as defined in
the ICAO MRTD standard</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.generate_public_key_pair">
<tt class="descname">generate_public_key_pair</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.generate_public_key_pair" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.get_card_number">
<tt class="descname">get_card_number</tt><big>(</big><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.get_card_number" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.get_challenge">
<tt class="descname">get_challenge</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.get_challenge" title="Permalink to this definition">¶</a></dt>
<dd><p>Generate a random number of maximum 8 Byte and return it.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.internal_authenticate">
<tt class="descname">internal_authenticate</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.internal_authenticate" title="Permalink to this definition">¶</a></dt>
<dd><p>Authenticate card to terminal. Encrypt the challenge of the terminal
to prove key posession</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.manage_security_environment">
<tt class="descname">manage_security_environment</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.manage_security_environment" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.mutual_authenticate">
<tt class="descname">mutual_authenticate</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>mutual_challenge</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.mutual_authenticate" title="Permalink to this definition">¶</a></dt>
<dd><p>Takes an encrypted challenge in the form
&#8216;Terminal Challenge | Card Challenge | Card number&#8217;
and checks it for validity. If the challenge is successful
the card encrypts &#8216;Card Challenge | Terminal challenge&#8217; and
returns this value</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.parse_SM_CAPDU">
<tt class="descname">parse_SM_CAPDU</tt><big>(</big><em>CAPDU</em>, <em>header_authentication</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.parse_SM_CAPDU" title="Permalink to this definition">¶</a></dt>
<dd><p>Parse a command APDU protected by Secure Messaging and return the
unprotected command APDU</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.perform_security_operation">
<tt class="descname">perform_security_operation</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.perform_security_operation" title="Permalink to this definition">¶</a></dt>
<dd></dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.protect_result">
<tt class="descname">protect_result</tt><big>(</big><em>sw</em>, <em>unprotected_result</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.protect_result" title="Permalink to this definition">¶</a></dt>
<dd><p>Protect a plain response APDU by Secure Messaging</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.restore_SE">
<tt class="descname">restore_SE</tt><big>(</big><em>SEID</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.restore_SE" title="Permalink to this definition">¶</a></dt>
<dd><p>Restores a Security Environment from the SAM and replaces the current
SE with it.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.set_MF">
<tt class="descname">set_MF</tt><big>(</big><em>mf</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.set_MF" title="Permalink to this definition">¶</a></dt>
<dd><p>Setter function for the internal reference to the Filesystem. The SAM
needs a reference to the filesystem in order to store/retrieve keys.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.set_asym_algorithm">
<tt class="descname">set_asym_algorithm</tt><big>(</big><em>cipher</em>, <em>keytype</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.set_asym_algorithm" title="Permalink to this definition">¶</a></dt>
<dd><table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple">
<li><strong>cipher</strong> &#8211; Public/private key object from used for encryption</li>
<li><strong>keytype</strong> &#8211; Type of the public key (e.g. RSA, DSA)</li>
</ul>
</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.store_SE">
<tt class="descname">store_SE</tt><big>(</big><em>SEID</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.store_SE" title="Permalink to this definition">¶</a></dt>
<dd><p>Stores the current Security environment in the secure access module.
The SEID is used as a reference to identify the SE.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.PassportSAM.verify">
<tt class="descname">verify</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>PIN</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.PassportSAM.verify" title="Permalink to this definition">¶</a></dt>
<dd><p>Authenticate the card user. Check if he entered a valid PIN.
If the PIN is invalid decrement retry counter. If retry counter
equals zero, block the card until reset with correct PUK</p>
</dd></dl>

</dd></dl>

<dl class="class">
<dt id="virtualsmartcard.cards.ePass.ePass_SE">
<em class="property">class </em><tt class="descclassname">virtualsmartcard.cards.ePass.</tt><tt class="descname">ePass_SE</tt><big>(</big><em>MF</em>, <em>SAM</em>, <em>ssc=None</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE" title="Permalink to this definition">¶</a></dt>
<dd><p>Bases: <a class="reference internal" href="virtualsmartcard.SEutils.html#virtualsmartcard.SEutils.Security_Environment" title="virtualsmartcard.SEutils.Security_Environment"><tt class="xref py py-class docutils literal"><span class="pre">virtualsmartcard.SEutils.Security_Environment</span></tt></a></p>
<p>This class implements the Security Environment of the ICAO Passports. It
is required in order to use the send sequence counter for secure messaging.</p>
<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE._set_SE">
<tt class="descname">_set_SE</tt><big>(</big><em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE._set_SE" title="Permalink to this definition">¶</a></dt>
<dd><p>Manipulate the current Security Environment. P2 is the tag of a
control reference template, data contains control reference objects</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.compute_cryptographic_checksum">
<tt class="descname">compute_cryptographic_checksum</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.compute_cryptographic_checksum" title="Permalink to this definition">¶</a></dt>
<dd><p>Compute a cryptographic checksum (e.g. MAC) for the given data.
The ePass uses a Send Sequence Counter for MAC calculation</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.compute_digital_signature">
<tt class="descname">compute_digital_signature</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.compute_digital_signature" title="Permalink to this definition">¶</a></dt>
<dd><p>Compute a digital signature for the given data.
Algorithm and key are specified in the current SE</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple">
<li><strong>p1</strong> &#8211; Must be 0x9E = Secure Messaging class for digital signatures</li>
<li><strong>p2</strong> &#8211; Must be one of 0x9A, 0xAC, 0xBC. Indicates what kind of data
is included in the data field.</li>
</ul>
</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.decipher">
<tt class="descname">decipher</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.decipher" title="Permalink to this definition">¶</a></dt>
<dd><p>Decipher data using key, algorithm, IV and Padding specified
by the current Security environment.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">raw data (no TLV coding). Padding is not removed!!!</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.encipher">
<tt class="descname">encipher</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.encipher" title="Permalink to this definition">¶</a></dt>
<dd><p>Encipher data using key, algorithm, IV and Padding specified
by the current Security environment.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">raw data (no TLV coding).</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.generate_public_key_pair">
<tt class="descname">generate_public_key_pair</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.generate_public_key_pair" title="Permalink to this definition">¶</a></dt>
<dd><p>The GENERATE PUBLIC-KEY PAIR command either initiates the generation
and storing of a key pair, i.e., a public key and a private key, in the
card, or accesses a key pair previously generated in the card.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple">
<li><strong>p1</strong> &#8211; should be 0x00 (generate new key)</li>
<li><strong>p2</strong> &#8211; &#8216;00&#8217; (no information provided) or reference of the key to
be generated</li>
<li><strong>data</strong> &#8211; One or more CRTs associated to the key generation if
P1-P2 different from &#8216;0000&#8217;</li>
</ul>
</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.hash">
<tt class="descname">hash</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.hash" title="Permalink to this definition">¶</a></dt>
<dd><p>Hash the given data using the algorithm specified by the current
Security environment.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">raw data (no TLV coding).</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.manage_security_environment">
<tt class="descname">manage_security_environment</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.manage_security_environment" title="Permalink to this definition">¶</a></dt>
<dd><p>This method is used to store, restore or erase Security Environments
or to manipulate the various parameters of the current SE.
P1 specifies the operation to perform, p2 is either the SEID for the
referred SE or the tag of a control reference template</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>p1</strong> &#8211; <p>Bitmask according to this table</p>
<table border="1" class="docutils">
<colgroup>
<col width="4%" />
<col width="4%" />
<col width="4%" />
<col width="4%" />
<col width="4%" />
<col width="4%" />
<col width="4%" />
<col width="4%" />
<col width="71%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">b8</th>
<th class="head">b7</th>
<th class="head">b6</th>
<th class="head">b5</th>
<th class="head">b4</th>
<th class="head">b3</th>
<th class="head">b2</th>
<th class="head">b1</th>
<th class="head">Meaning</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>1</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>Secure messaging in command data field</td>
</tr>
<tr class="row-odd"><td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>1</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>Secure messaging in response data field</td>
</tr>
<tr class="row-even"><td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>1</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>Computation, decipherment, internal
authentication and key agreement</td>
</tr>
<tr class="row-odd"><td>1</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>Verification, encipherment, external
authentication and key agreement</td>
</tr>
<tr class="row-even"><td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td><ul class="first last simple">
<li></li>
</ul>
</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>1</td>
<td>SET</td>
</tr>
<tr class="row-odd"><td>1</td>
<td>1</td>
<td>1</td>
<td>1</td>
<td>0</td>
<td>0</td>
<td>1</td>
<td>0</td>
<td>STORE</td>
</tr>
<tr class="row-even"><td>1</td>
<td>1</td>
<td>1</td>
<td>1</td>
<td>0</td>
<td>0</td>
<td>1</td>
<td>1</td>
<td>RESTORE</td>
</tr>
<tr class="row-odd"><td>1</td>
<td>1</td>
<td>1</td>
<td>1</td>
<td>0</td>
<td>1</td>
<td>0</td>
<td>0</td>
<td>ERASE</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.parse_SM_CAPDU">
<tt class="descname">parse_SM_CAPDU</tt><big>(</big><em>CAPDU</em>, <em>authenticate_header</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.parse_SM_CAPDU" title="Permalink to this definition">¶</a></dt>
<dd><p>This methods parses a data field including Secure Messaging objects.
SM_header indicates whether or not the header of the message shall be
authenticated. It returns an unprotected command APDU</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
<li><strong>CAPDU</strong> &#8211; The protected CAPDU to be parsed</li>
<li><strong>authenticate_header</strong> &#8211; Whether or not the header should be
included in authentication mechanisms</li>
</ul>
</td>
</tr>
<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first last">Unprotected command APDU</p>
</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.perform_security_operation">
<tt class="descname">perform_security_operation</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.perform_security_operation" title="Permalink to this definition">¶</a></dt>
<dd><p>In the end this command is nothing but a big switch for all the other
commands in ISO 7816-8. It will invoke the appropriate command and
return its result</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.protect_response">
<tt class="descname">protect_response</tt><big>(</big><em>sw</em>, <em>result</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.protect_response" title="Permalink to this definition">¶</a></dt>
<dd><p>This method protects a response APDU using secure messaging mechanisms</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">the protected data and the SW bytes</td>
</tr>
</tbody>
</table>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.verify_certificate">
<tt class="descname">verify_certificate</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.verify_certificate" title="Permalink to this definition">¶</a></dt>
<dd><p>Verify a certificate send by the terminal using the internal trust
anchors.
This method is currently not implemented.</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.verify_cryptographic_checksum">
<tt class="descname">verify_cryptographic_checksum</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.verify_cryptographic_checksum" title="Permalink to this definition">¶</a></dt>
<dd><p>Verify the cryptographic checksum contained in the data field.
Data field must contain a cryptographic checksum (tag 0x8E) and a plain
value (tag 0x80)</p>
</dd></dl>

<dl class="method">
<dt id="virtualsmartcard.cards.ePass.ePass_SE.verify_digital_signature">
<tt class="descname">verify_digital_signature</tt><big>(</big><em>p1</em>, <em>p2</em>, <em>data</em><big>)</big><a class="headerlink" href="#virtualsmartcard.cards.ePass.ePass_SE.verify_digital_signature" title="Permalink to this definition">¶</a></dt>
<dd><p>Verify the digital signature contained in the data field. Data must
contain a data to sign (tag 0x9A, 0xAC or 0xBC) and a digital signature
(0x9E)</p>
</dd></dl>

</dd></dl>

</div>


    </div>
      
  </div>
</div>
<footer class="footer">
  <div class="container">
    <p class="pull-right">
      <a href="#">Back to top</a>
      
    </p>
    <p>
        &copy; Copyright 2009-2017 by Dominik Oepen and Frank Morgner.<br/>
    </p>
  </div>
</footer>
  </body>
</html>